Security Incidents mailing list archives
RE: Nimda et.al. versus ISP responsibility
From: "Jay D. Dyson" <jdyson () treachery net>
Date: Thu, 27 Sep 2001 17:01:23 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE----- On Thu, 27 Sep 2001, Greg A. Woods wrote:
I think there is a mid-ground wherein all ISPs are responsible for both ingress and egress filtering of all traffic on their network to ensure it is valid traffic (e.g.., making sure that customer A cannot inject traffic into the network with a source IP that doesn't belong to them...nearly eliminating spoofing) but stopping short of scanning payloads of packets.Come on! Get real! Any properly formed IP packet is valid traffic!
With all due respect, you are so horribly misinformed that it's not even funny. The original author is quite correct that ISPs are indeed responsible for ingress and egress filtering in order to diminish the likelihood of spoofed packets. This isn't rocket science. Anyone claiming that ISPs shouldn't be taking such steps is either ignorant, misguided, or just plain opposed to common-sense security practices. In any case, such people definitely shouldn't be in charge of any netblock. They're a hazard to themselves and the 'net overall. - -Jay ( ( _______ )) )) .-"There's always time for a good cup of coffee."-. >====<--. C|~~|C|~~| (>------ Jay D. Dyson - jdyson () treachery net ------<) | = |-' `--' `--' `--------------- rm -rf /bin/laden ---------------' `------' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBO7OvxrlDRyqRQ2a9AQE1ZAP/cK1D4C0KKXQR8/PSetzVNcuqutr0VovI 5XSKp67+qzXkZZ+fVir52qRrVtT97t1GXm9lAev3lpxBVDr4FSSaU/PnpOga0Mlc cnSzKL50gNpTJskE19mSLvW4Wq/EfZj6M62YvY/OwIhAKPu22sLtEJN9IVs/BzMm KNh5hXIcO7c= =9Evg -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: Nimda et.al. versus ISP responsibility, (continued)
- RE: Nimda et.al. versus ISP responsibility Homer Wilson Smith (Sep 27)
- Re: Nimda et.al. versus ISP responsibility Neil Dickey (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Michael B. Morell (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Dave Salovesh (Sep 27)
- RE: Nimda et.al. versus ISP responsibility UMusBKidN (Sep 27)
- Re: Nimda et.al. versus ISP responsibility robertm (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Jason Robertson (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Mogull,Rich (Sep 27)
- RE: Nimda et.al. versus ISP responsibility ahoward (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Greg A. Woods (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Jay D. Dyson (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Greg A. Woods (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Stephen Villano (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Chad Mawson (Sep 27)
- RE: Nimda et.al. versus ISP responsibility UMusBKidN (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Jonathan Levy (Sep 27)
- Re: Nimda et.al. versus ISP responsibility Brian Cervenka (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Tony Langdon (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Dean Cunningham (Sep 27)
- RE: Nimda et.al. versus ISP responsibility ahoward (Sep 27)
- RE: Nimda et.al. versus ISP responsibility Smith, Mark (Sep 28)